Jobs - 104035- Individual Consultant - Cybersecurity expert (for

Individual Consultant - Cybersecurity expert (for Indian Nationals only)

Lieu :

New Delhi, INDE

Type de contrat :

Individual Contract

Date de commencement :

Date limite de candidature :

20-Jan-22 (Minuit New York, États-Unis)

Niveau du poste :

National Consultant

Durée du contrat initial

Langues requises :

Anglais

Durée prévue de la mission :

Le PNUD s’engage à recruter un personnel divers en termes de genre, de nationalité et de culture. Nous encourageons de même les personnes issues des minorités ethniques, des communautés autochtones ou handicapées à postuler. Toutes les candidatures seront traitées dans la plus stricte confidentialité. Le PNUD ne tolère pas l’exploitation et / ou les atteintes sexuelles, ni aucune forme de harcèlement, y compris le harcèlement sexuel, et / ou toutes formes de discrimination. Tous/tes les candidats/tes selectectionnes /ées devront ainsi se soumettre à de rigoureuses vérifications relatives aux références fournies ainsi qu’à leurs antécédents.

Historique

The Information Technology Service (ITS) is responsible for developing sustainable and affordable ICT solutions and providing integrated Solutions to meet the needs of UNOV-UNODC globally.

The India Technical Hub (EAD-ITH) located in New Delhi is a core pillar in the delivery of solutions under the UN Secretariats ICT strategy. ITS is developing an architecture and management processes to ensure the confidentiality, integrity and accessibility of United Nations Office on Drugs and Crime owned systems and data. As part of this strategy and under the oversight of Chief, ITS and direct supervision of the Head – ITH; the Cybersecurity expert will be responsible for the following:

Devoirs et responsabilités

Provide support in the planning, specification, design, implementation, and maintenance of intrusion Detection Systems (IDS) in Field Offices.
- Work with Intrusion Detection Systems (IDS), standard vulnerability analysis tools like Nmap and Nessus, and perform TCP/IP packet level diagnoses.
Perform regular security testing (e.g., Penetration Testing) for each Field Office - both externally and internally to establish vulnerabilities and provide mitigation measures.
- Support stakeholders to identify security risks and mitigation strategies.
- Receive and log problem calls or service requests in an automated tracking system.
- Act as an ICT Security escalation point for Field Office locations.
- Acts as incidence response coordinator - to handle the security incidence
Advise the UNODC Field Office locations on UN Secretariat policies for ICT Security and support implementation.
Perform administration, technical support, and monitoring of ICT security services.
Undertake complex trouble-shooting and basic forensics (in case of an incident) of server and security systems on Cisco and Checkpoint component-based LAN/WAN infrastructure.
Maintain the Security Advisory Tracker provided by OICT Cybersecurity detailing vulnerabilities and mitigation measures.
Maintain systems documentation.
Conduct research on new technologies as requested; keep abreast of developments in the field; assist in testing and evaluating new products and technologies.
Keep abreast of relevant ICT UN security standards, policies, and procedures.
Conduct duties as required.

Payment Scheduled:

Payments will be deliverable linked and would be made on satisfactory delivery of stipulated deliverables.
Payment would be only after acceptance from the Head – ITH.
Payment would come strictly as per the following schedule of payments:

Outputs and Deliverables	Payment Milestone	Deliverable target
Perform security testing (e.g., Penetration Testing) for 30 Field Offices - from external and internal to get information about their vulnerabilities. Apprise them of the same and develop a mitigation plan	20%	31 March 2022
Design and develop an implementation plan for deploying Intrusion Detection Systems (IDS) in 30 Field Offices across the globe.	20%	31 May 2022
Implement Intrusion Detection Systems (IDS) in 30 Field Offices across the globe	20%	30 June 2022
Undertake an assessment of various software systems and web portals developed and managed by Field offices for their offices and member states.	20%	30 September 2022
Prepare a consolidation report on Intrusion Detection System, way forward document, and security assessment guidelines for field office's networks.	20%	31 December 2022
Please note: The expert will be given a complete orientation to the requirements before the start. The expert is required to share their work frequently, and immediate feedback would be shared. The expert would be required to submit all the source documents, designs, and assets and not reuse them for any of their external requirements.

Compétences

Professionalism: Excellent interpersonal and communication skills. Strong analytical, research, reporting, and writing abilities. Strong organizational and process management competencies. Ability to rapidly analyze and integrate diverse information from varied sources. Ability to produce a variety of written media products in a clear, concise, journalistic style. Ability to deliver oral presentations to various audiences. Is motivated by professional rather than personal concerns. Ability to apply judgment in the context of assignments given, plan own work and manage conflicting priorities, and remain calm in stressful situations. Shows persistence when faced with complex problems or challenges.
Accountability: Takes ownership of all responsibilities and honors commitments; delivers outputs for which one has responsibility within the prescribed time, cost, and quality standards; operates in compliance with organizational regulations and rules; supports subordinates, provides oversight, and takes responsibility for delegated assignments; takes personal responsibility for his/her own shortcomings and those of the work unit, where applicable.
Teamwork: Works collaboratively with colleagues to achieve organizational goals; solicits input by genuinely valuing others' ideas and expertise; is willing to learn from others; places team agenda before personal agenda; builds consensus for task purpose and direction with team members; supports and acts in accordance with final group decisions, even when such decisions may not entirely reflect own position; shares credit for team accomplishments and accepts joint responsibility for team shortcomings.

Qualifications et expériences requises

Education: University degree (Bachelor's degree or equivalent) in Computer Science or equivalent is required. Formal certification in information security is required for this profile.
Experience: A minimum of five years of progressively responsible experience in a similar capacity is required. Experience in setting up of Intrusion Detection Systems, routers, and firewalls is required.

Languages: English and Hindi

Evaluation Criteria:

The award of the contract shall be made to the individual consultant whose offer has been evaluated and determined as a response and has received the highest score out of a pre-determined set of weighted technical and financial criteria specific to the solicitation.

Technical Criteria weight - 70%.
Financial Criteria weight - 30%.
Only candidates obtaining a minimum of 49 points (70% of the total technical points) would be considered for the financial evaluation.

Criteria for Technical Evaluation:

Qualification – 10 marks.
Relevant Work Experience – 60 marks.

Criteria for Financial Evaluation:

Technically qualified consultants will be requested to submit their lump sum rate, i.e., consultants who score more than 70%, i.e., 49 marks with respect to the above-mentioned evaluation criteria. The consultant should not specify their consultancy fee on their CV or with the submission. The CV will not be evaluated further in case the consultant submits the same.

Candidates obtaining a minimum of 49 points/marks (70% of the total techncial points) only would be considered for the Financial Evaluation.

Document to be submitted:

Updated CV (particularly highlighting similar assignment and relevant work experience)

Note:
1. Any kind of miscellaneous charges i.e. Internet, Phone, relocation etc. would not be reimburses.
2. Travel, Lodging and Boarding as per the UNDP rules, subject to the prior approval.
3. Individual working with Institutions may also apply, RLA (Reimbursement Loan Agreement) would be issued in the name of the Institutions for the specific services of the Individual.

UNDP strives to have a workforce which reflects diversity and gender balance, and applies an eauql opportunities approach. Qualified female canidates are strongly encouraged to apply.

All selections are on merit.